31 matches found
VMware Spring Cloud Data Flow Security Vulnerability
VMware Spring Cloud Data Flow is a codebase for streaming and batch processing of data in microservices from VMware, Inc. A security vulnerability exists in VMware Spring Cloud Data Flow that stems from. Improperly cleaned upload paths could allow an attacker to write arbitrary files to any...
PT-2024-4070 · Unknown · Spring Cloud Data Flow
Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow affected versions not specified Description: The issue is related to improper sanitization for upload paths in the Skipper server, allowing a malicious user with access to the server API to write arbitrary files to any...
BIT-SPRING-CLOUD-DATAFLOW-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
This Week in Spring - January 16th, 2024
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's the 16th of January already! We're closer to February than not! I can hardly believe it. As always, we've got a lot to cover so let's dive right into it. the Spring Authorization Server 1.3.0-m1 is now available this is...
This Week in Spring - February 21, 20223
Hi, Spring fans! Welcome to another installment of This Week in Spring! How're you? I almost forgot today was Tuesday! Here in the US, we had a three day weekend for President's day, and also I've been streaming for a few hours every day or almost every day on my little YouTube channel so the day...
CVE-2020-5427
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
CVE-2020-5427
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
Sql injection
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
CVE-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior 2.5.4, an application is vulnerable to SQL injection when requesting task execution...
CVE-2020-5427
Spring Cloud Data Flow is affected by CVE-2020-5427 in versions 2.6.x prior to 2.6.5 and 2.5.x prior to 2.5.4, where the task execution sorting query is vulnerable to SQL injection. The issue stems from the vulnerable SQL path when requesting task execution. Remediation is to upgrade to version 2...
PT-2021-12401 · Spring · Spring Cloud Data Flow
Name of the Vulnerable Software and Affected Versions: Spring Cloud Data Flow versions 2.5.x prior to 2.5.4 Spring Cloud Data Flow versions 2.6.x prior to 2.6.5 Description: The application is vulnerable to SQL injection when requesting task execution. Recommendations: For versions 2.5.x prior to...